- The MAILING DATE of this communication appears on the cover sheet with the correspondence address -
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133).
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any
earned patent term adjustment. See 37 CFR 1.704(b).

Status 

1) [X] Responsive to communication(s) filed on 19 April 2004.
2a) [ ] This action is FINAL. 2b) [X] This action is non-final.

3) [ ] Since this application is in condition for allowance except for formal matters, prosecution as to the merits is closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims 

4) [X] Claim(s) 79, 80, 82-90, 92-95 and 97-117 is/are pending in the application.

4a) Of the above claim(s) is/are withdrawn from consideration.

5) [ ] Claim(s) is/are allowed.

6) [X] Claim(s) 79, 80, 82-90, 92-95 and 97-117 is/are rejected.

7) [ ] Claim(s) is/are objected to.

8) [ ] Claim(s) are subject to restriction and/or election requirement.

Application Papers 

9) [ ] The specification is objected to by the Examiner.

10) [ ] The drawing(s) filed on is/are: a) [ ] accepted or b) [ ] objected to by the Examiner.

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d).
11) [ ] The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.

Priority under 35 U.S.C. § 119 

12) [ ] Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).
a) [ ] All b) [ ] Some * c) [ ] None of:

1. [ ] Certified copies of the priority documents have been received.

2. [ ] Certified copies of the priority documents have been received in Application No. .

3. [ ] Copies of the certified copies of the priority documents have been received in this National Stage
application from the International Bureau (PCT Rule 17.2(a)).
See the attached detailed Office action for a list of the certified copies not received.
DETAILED ACTION

1. This is in response to the Amendment and Request for Continued Examination filed on
4/19/2004 (paper #21). Claims 81, 91 and 96 are canceled. Claims 79, 80, 82-90, 92-95 and 97-117
are presented for examination.

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the United 
States before the invention thereof by the applicant for patent, or on an international application by another who 
has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this title before the invention 
thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act of 1999 
(AIPA) and the Intellectual Property and High Technology Technical Amendments Act of 2002 
do not apply when the reference is a U.S. patent resulting directly or indirectly from an 
international application filed before November 29, 2000. Therefore, the prior art date of the 
reference is determined under 35 U.S.C. 102(e) prior to the amendment by the AIPA (pre- AIPA 
35 U.S.C. 102(e)). 

3. Claims 79-82, 97-100, 112, 113, 115-117 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Kirsch, US pat. No.5,963,915. 

As to claim 79, Kirsch discloses a system for transfer of secure data on a network (internet 14
fig.1) comprising:
a) a client (12 fig. 1) capable of presenting conforming client data.

b) a server (server 16 fig. 1) capable of using said conforming client data to create at
least one secure cookie (i.e., using the server to create and to store a client side cookie for use in
connection with a subsequent URL request, see figs.1, 2, abstract, col.5 line 53 to col.6 line 49
and col.7 line 43 to col.8 line 52), each of said at least one secure cookie including:

i) a domain field capable of holding domain data to associate said secure cookie to a
domain where said secure cookie is valid (i.e., cookie having a match of domain, see fig.3, col.11
lines 15-38).

ii) at least one name field capable of holding name data (see col.11 lines 15-38).

iii) at least one value field capable of holding value data derived from said conforming
client data (see col.11 line 39 to col. 12 line 16).

iv) an expiration field capable of holding cookie expiration data (expiration date, col. 13 
lines 15-67). 

c) a network (processing information over a network) capable of transporting at least one 
of said at least one secure cookie between said server and said client (see fig.4, 14 lines 
1-43). 

d) a client storage (cookies stored by client) means capable of storing at least one of said
at least one secure cookie and a secure attribute service between said client and said
server using said at least one of said at least one secure cookie (see col. 13 line 15 to
col.14 line 65).

Wherein at least one secure cookie is, among other things, an authentication cookie, a seal cookie
capable of being used by said server to determine if another cookie in said multitude of secure
cookies has been altered and a key cookie containing an encrypt session key capable of
encrypting said value data contained in another of at least one secure cookie (disclosing an
authentication cookie, see col. 13 lines 15-67).

As to claim 80, Kirsch discloses a web browser (Client browser) (see col.6 lines 3-49). 

As to claim 82, Kirsch discloses the secure attribute service including said server authenticating 
said client by comparing said conforming client data to said value data (i.e., processing data 
upon receiving a URL request from a client and creating a cookie according to a user, see fig.2, 
col.7 line 20 to col.8 line 43). 

As to claims 112 and 115, Kirsch further discloses creating integrity data from at least one secure
cookie, encrypting client data (using encrypting mechanism, see col. 13 lines 15-67), inputting 
integrity data into a seal cookie and storing said cookie (see col. 14 lines 1-65). 

As to claim 97, 98 and 116, Kirsch discloses that at least one of said at least one secure cookie is 
used in an electronic transaction and a part of a role based access control system and at least one 
of said at least one secure cookie is used in assigning client roles (verifying a valid user account, 
col.8 lines 13-63 and col.13 lines 15-67). 

As to claim 99, Kirsch discloses a method for the transfer of secure data on a network including
the steps of:
a client (12 fig. 1) making a request from a server (16 fig. 1) and said server retrieving
conforming client data (see fig.1, col.5 line 52 to col.6 line 48).

said server creating at least one secure cookie, each of said at least one secure cookie
including selected conforming client data, said selected conforming data including at least some
of said conforming client data (i.e., using the server to create and to store a client side cookie for
use in connection with a subsequent URL request, see figs.1, 2, abstract, col.5 line 53 to col.6
line 49 and col.7 line 43 to col.8 line 52).

said server (16 fig.1) transmitting at least one of said at least one secure cookie to said
client and said client storing at least one of said at least one secure cookie (see col.7 line 20 to
col.8 line 20).

said client (12 fig.1) presenting to a related server at least one of said stored at least one
secure cookie with a second request, said related server residing on the same domain as said
server (i.e., cookie having a match of domain, see fig.3, col.11 lines 15-38).

said related server (16 fig.1) making a determination of whether at least one of said at
least one retrieved stored at least one secure cookie contains said selected conforming client data
and said related server fulfilling said second request if said determination is positive
(authenticating the client user to server, see col.9 lines 4-63 and col. 14 lines 1-43).
Wherein at least one secure cookie is, among other things, an authentication cookie, a seal cookie 
and a key cookie (authentication cookie, see col. 13 lines 15-67). 

As to claims 100 and 113, Kirsch discloses said conforming client data is retrieved from said
client and determination is positive only if said selected conforming client data was retrieved by
said server from said client during the current session (verifying a valid user account, col.8 lines
13-63 and col. 13 lines 15-67).

As to claim 117, Kirsch discloses a request is part of an attribute-based access control function 
session (see controlling purchase transactions, see col. 14 lines 1-65). 

Claim Rejections - 35 USC §103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all
obviousness rejections set forth in this Office action:

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject 
matter sought to be patented and the prior art are such that the subject matter as a whole 
would have been obvious at the time the invention was made to a person having ordinary 
skill in the art to which said subject matter pertains. Patentability shall not be negatived
by the manner in which the invention was made. 

5. Claims 83-88, 90, 92-95, 101, 102, 104-108, 109-111 and 114 are rejected under 35
U.S.C. 103(a) as being unpatentable over Kirsch, US pat. No.5,963,915 in view of Wiser et al 
US pat. No.6,385,596. 

As to claims 83-88, 101, 102, 104, 108, 111 and 114, Kirsch's teachings still applied as in item
3 above. Kirsch discloses an encryption algorithm, password cookie including a password (i.e., 
using encrypting mechanism for cookies, see col. 13 lines 15-67). Kirsch does not specifically 
disclose the client's IP address, a hashing algorithm, and a digital signature on a timestamp, 
secret-key based authentication service. However, Wiser discloses the client's IP address, a 
hashing algorithm, secret-key based authentication service and an encryption session key (i.e., 
using multiple levels of encryptions such as Password Authentication Protocol, see abstract, 
col.16 line 4 to col.19 line 59, col.10 line 13 to col.12 line 54 and col.16 line 4 to col.19 line 59
and col.20 line 10 to col.21 line 61). It would have been obvious to one of the ordinary skill in
the art at the time the invention was made to implement Wiser's teachings into the computer
system of Kirsch to identify a host computer because it would have enabled users to identify a 
host connected to the Internet to other Internet hosts and provided more secure delivery of data 
over the Internet. 

As to claim 90, Kirsch discloses at least one secure cookie includes a multitude of secure cookies 
(see col. 13 line 15 to col. 14 line 65). 

As to claims 92, 93 and 109, Kirsch discloses that the seal cookie includes an integrity check 
value and the signature of a message digest signed using a private key (see col.8 lines 13-63 and 
col. 13 line 15 to col. 14 line 65). 

As to claims 94 and 95, Kirsch discloses at least one of said at least one name field and at least 
one of said at least one value field are a pair, and one secure cookie further includes a flag, said 
flag specifying whether all machines within said domain referenced by said domain data can 
access said value data (i.e., information of a cookie including NAME and VALUE, see fig.3, 
col.11 line 16 to col.12 line 67 and col. 13 lines 15-51).

As to claims 105 -107 and 110, Kirsch discloses determination further includes verifying that 
digital signature belongs to said client and including the step of said server encrypting at least 
some of said selected conforming client data, a public key and a secret key encrypting a cookie,
see col. 13 line 1 to col. 14 line 65). 

6. Claims 89 and 103 are rejected under 35 U.S.C. 103(a) as being unpatentable over Kirsch 
in view of Wiser as in item 5 above and further in view of Shi et al., US pat. No.5,875,296. 
As to claims 89 and 103, Kirsch and Wiser's teachings still applied as in item 5 above. Neither
Kirsch nor Wiser discloses a Kerberos ticket. However, Shi further discloses a Kerberos ticket
(see col. 5 line 40 to col.6 line 12). It would have been obvious to one of the ordinary skill in the
art at the time the invention was made to implement Shi's Kerberos ticket in the computer system
of Kirsch to process transactions in the Internet because it would have enabled the functionality 
of existing standalone Web servers to be enhanced in the enterprise environment and allowed 
users to easily access the Web information stored in the Distributed File Service namespace with 
no additional software on the client machine (see Shi's col.2 lines 38-59). 


Other prior art cited

The prior art made of record and not relied upon is considered pertinent to applicant's
disclosure.

a. Harrison et al., US pat. No.6,691,113.

b. Wallace, Jr., et al., US pat. No.6,601,169.
Response to Arguments

8. Applicant's arguments with respect to claims 79, 80, 82-90, 92-95 and 97-117 (paper #21,
filed on 4/19/2004) have been considered but are moot in view of the new ground(s) of
rejection.



9. Claims 79, 80, 82-90, 92-95 and 97-117 are rejected.

10. Any inquiry concerning this communication or earlier communications from the examiner
should be directed to Khanh Dinh whose telephone number is 703-308-8528. The examiner can 
normally be reached on 8:00 AM to 5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Glenton Burgess, can be reached on (703) 305-4792. The fax phone 
numbers for the organization where this application or proceeding is (703) 872-9306. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is 703-305-9600. 



Conclusion 




Khanh Dinh 
Examiner 
Art Unit 2151 



May 14, 2004 



